Specify security attributes for configuration file entries

Description of the project:In this Google Summer of Code Project we want to introduce a simple way for maintainers to specify the relevance of individual configuration options. When the specification and the default option changes during an upgrade, a tool will merge options to achieve better quality attributes such as security. The main focus will be on having a tool to validate security attributes in configuration files, e.g. inform users if options such as ?ServerKeyBits of the openssh-server configuration file are considered insecure.

Deliverables of the project: (1) Implement a specification for important Debian packages such as the openssh server. (2) Implement a tool that can validate if a configuration file is secure according to the specification.

Desirable skills: Very good C programming skills.

What the intern will learn: You will get contact to people involved in the Debian project. You will learn about Debian upgrade mechanism, especially how conffiles and ucf work. The long-term aim is to have better configuration upgrade experience that also takes quality attributes into account.